Hardware Reco?
-
Looking to move away from my virtual setup to a bare metal solution…
So after speaking to Netgate, they are sold out of SG-4860 1U models for the next month, wanted to see if anyone built anything comparable to the 4860 model recently?
Will be running:
-Symmetric gigabit from my ISP, Verizon FIOS
-NAT, Suricatta, OpenVPN SHA256I know it will not be a true gigabit throughput with the above services running, but wanted to come close as possible... Anyone have any recommendations on their setup?
Ideally wanted a rack-able solution that will about 1.75" x 19" x 8.5" in size, as long as the depth isnt over 9"
-
@johnkeates:
Not sure about the inches, but you can get SuperMicro setups with equivalent hardware that compare reasonably with the form factor but are racked by default. Similar to this one: https://www.supermicro.nl/products/system/Mini-ITX/SYS-E300-9D.cfm and https://www.supermicro.nl/products/system/1U/5018/SYS-5018A-FTN4.cfm but less deep. I'll see if I can find the actual item I'm referring to.
I think it was this one: https://www.supermicro.nl/products/system/Mini-ITX/SYS-E300-8D.cfm
Someone else on the forum posted about the E-series ITX systems and came up with one for a small house-rack (10 inch rack with not a lot of depth IIRC).Yup I been eyeing this…. Thank you!!
Do you know if the CPU is AES-NI Compatible? I didnt see anything about that...On your opinion (wont hold you to it) do you think this will run OK close to gigabit speeds? w/ the services above.
https://www.supermicro.nl/products/system/Mini-ITX/SYS-E300-8D.cfm
-
@johnkeates:
@johnkeates:
Not sure about the inches, but you can get SuperMicro setups with equivalent hardware that compare reasonably with the form factor but are racked by default. Similar to this one: https://www.supermicro.nl/products/system/Mini-ITX/SYS-E300-9D.cfm and https://www.supermicro.nl/products/system/1U/5018/SYS-5018A-FTN4.cfm but less deep. I'll see if I can find the actual item I'm referring to.
I think it was this one: https://www.supermicro.nl/products/system/Mini-ITX/SYS-E300-8D.cfm
Someone else on the forum posted about the E-series ITX systems and came up with one for a small house-rack (10 inch rack with not a lot of depth IIRC).Yup I been eyeing this…. Thank you!!
Do you know if the CPU is AES-NI Compatible? I didnt see anything about that...On your opinion (wont hold you to it) do you think this will run OK close to gigabit speeds? w/ the services above.
https://www.supermicro.nl/products/system/Mini-ITX/SYS-E300-8D.cfm
Yes, and far more. The D-1518 is probably overkill, and will do just fine. Has AES-NI as well.
Edit: the rack mount kit is optional tho :-( https://www.supermicro.nl/a_images/products/views/E300-8D_Rackmount_Kit.png
Thank you very much for your input!!!
-
A little bit late to the party, but just wanted to mention that I have been using the 1U brother to the E300-8D for about a year with a symmetric 1Gbit fiber connection (FIOS) and Snort as the IDS.
https://www.supermicro.nl/products/system/1U/5018/SYS-5018D-FN8T.cfm
Have not tested Open VPN performance with it yet, but for everything else the system has been flawless. I did decide to tune the network card parameters a bit to fully take advantage of a fast WAN connection. For example, see here:
https://forum.pfsense.org/index.php?topic=113496.0
https://calomel.org/freebsd_network_tuning.htmlHope this helps.
-
Oh, and to confirm to the OP, yes you'll definitely be able to max out 1Gbit WAN connection with this hardware even with an IDS enabled on the interface(s). In fact, the system is capable of even more than that based on some limited 10Gbit testing that I've done. Of course don't expect to get 1Gbit/s with a single OpenVPN connection.